★ The Company is solely and independently responsible for its own privacy practices. No Member is responsible for The Company’s privacy practices.
★ Each Member is solely and independently responsible for its own privacy practices. No Member is responsible for another Member’s privacy practices. Also, The Company is not responsible for any Member’s privacy practices.
- Information that The Company collects from you (including Personal Information)
- Cookies and Tracking Technologies on The Company Site
- How your information is used
- How your information is shared
- How to manage your Personal Information
- Storage & Security
- Contact information
INFORMATION THAT THE COMPANY COLLECTS FROM YOU (INCLUDING PERSONAL INFORMATION)
The Company directly collects information when you:
- sign up for a Company user account and create a Company user profile;
- enroll and participate in online courses;
- purchase a product or service;
- send email messages to The Company (including messages to learner support);
- participate in user surveys; and
- participate in public forums, webinars, and other interactive experiences on The Company Site.
The Company also indirectly collects usage information about your visit to The Company Site, as explained in the section below titled Cookies and Tracking Technologies.
The Company does not itself collect or store financial account numbers or identification issued by a governmental entity, employer, or other authority. Instead, if you choose to make a purchase on The Company Site, you will be directed to The Company’s third-party payment processor and The Company’s third-party ID verification service provider. If you do not wish to submit the required authentication or payment information, then you will not be able to obtain a certificate via The Company Site.
The Company requires your Personal Information only in limited circumstances when you:
- sign up for a The Company user account (name, username, email address);
- purchase a Verified Certificate (so that The Company’s third-party vendor can authenticate your identity) or other product or service (so that The Company’s third-party vendor can process payment);
- participate in remote proctoring or other course facilitation processes (so that The Company’s third-party vendor can monitor and assess the integrity of your course activity); or
- earn a Verified Certificate (the certificate will have your name on it).
To the extent that The Company associates the information that The Company collects directly or indirectly with an individual (for example, you), the association is based on Personal Information in your account profile.
You may voluntarily choose to share additional Personal Information on The Company Site, for example:
- in your The Company account profile (and you may display a limited or full profile to other The Company Site users);
- in applying for financial assistance; or
- when participating in a course, forum, webinar, or other interactive experience on The Company Site (noting that in some cases, this information is shared with a third party that provides tools or other assistance for The Company Site or a course).
The Company encourages you to use discretion before voluntarily sharing additional Personal Information on The Company Site. (If you later choose to delete your The Company account, deletion of your Personal Information will be subject to the Company’s approved process)
Members do not receive your Personal Information unless and until you enrol in a course. If you enrol in a course, the Member that offers the course will receive Personal Information from your Company account profile plus the information that The Company collects about your activity and performance in the course in which you enrolled.
HOW YOUR INFORMATION IS USED
The Company and Members use information, including Personal Information, to carry out the following purposes:
- Operate and improve The Company Site – This includes creating and improving features that support The Company community and enable The Company Site usage at scale. This also includes personalizing The Company Site, so your learning experience is tailored to your interests and needs.
- Create, administer, provide, and teach courses – This includes creating and improving the delivery of courses and programs on The Company. This also includes personalizing courses, so your learning experience is tailored to your interests and needs, and assessing your performance and awarding certificates.
- Offer and improve products and services – This includes enabling you to navigate The Company’ Site, to enroll and participate in courses and programs on The Company Site, to learn effectively in such courses and programs, and to purchase or obtain products and services on The Company Site.
- Develop and maintain the security and performance of The Company Site – This includes tracking The Company Site outages and creating software solutions, detecting violations of Terms of Service, and monitoring uses, misuses, and potential misuses of The Company Site.
- Communicate with you – This includes answering your course and platform questions, notifying you of course and The Company Site maintenance and updates, marketing to you about course offerings, programs, news, and related products and services of The Company or The Company affiliates, and as permitted under applicable law, sending you communications about products or services of selected business partners that may be of interest to you.
- Support scientific research including. This includes collaborating to enable and conduct research about how learners access and master course materials online, with the goal of improving course outcomes.
- Track The Company Site usage against goals and mission – This includes performing analytics to evaluate access to and performance in courses and course-related products and services and to report aggregate usage information (not Personal Information) to business partners and external audiences.
- Exercise, enforce, and comply with legal rights and obligations – This includes responding to subpoenas, court orders, or other legal process; and investigating, preventing, or taking action regarding illegal activities, suspected fraud, security or technical issues, or to protect the rights, property, or safety of The Company, Members, or others, and as otherwise required by applicable law.
The Company or a Member may also seek your consent for additional uses of information, including Personal Information, and will use it only for the purpose described to you. All use of Personal Information is subject to applicable law.
HOW YOUR INFORMATION IS SHARED
The Company and Members share information, including Personal Information, with third parties for the following purposes:
- With other learners in courses that you take and with other visitors to The Company Site, to create an interactive learning environment, support class participation, and share course information – This includes sharing comments, coursework, or other information or content that you submit to a portion of The Company Site designed for viewing by other class members or for public communication. This also includes providing opportunities for you to communicate with other users who may have similar interests or educational goals, for instance, recommending specific study partners or connecting potential student mentees and mentors. In such cases, The Company and each Member that offers a course in which you enrolled may use all information collected about you to determine who might be interested in communicating with you, but will only provide others your username (for clarity, no disclosure of your real name or email address).
- With employers, government programs, institutions, or other enterprises that sponsor your enrollment in a course for training or other educational purposes – If an entity pays for or otherwise sponsors your Verified Certificate or course participation, The Company will share information with the entity as needed to confirm your enrollment, participation, progress, and completion status in that course.
The Company or a Member may also seek your consent for additional disclosures of information, including Personal Information, and will share it only as described to you. In addition, The Company or a Member may share with the public and with third parties, including but not limited to researchers and business partners, information and Personal Information that is de-identified or aggregated in a manner that does not personally identify you.
HOW TO MANAGE YOUR PERSONAL INFORMATION
You can manage your Personal Information through learner features on The Company Site and requests to The Company support team. If your request involves information controlled by a Member, The Company support will notify and coordinate with the appropriate Member to address your request. The Company will provide support to the extent required by applicable law (for example, learners in the European Union) and more broadly when possible, as a courtesy in our sole discretion. The Company will notify you in the event that The Company is unable to meet a request that is not legally required. Similarly, Members will only be obligated to comply with requests to the extent legally required but may choose to comply with other requests in their sole discretion.
Access and correct your Personal Information
Much of your Personal Information is available in your Company account. Your name, email address, and other identifiable profile information is editable through the profile settings in your Company account except as noted below. Your account dashboard lists all current and archived courses in which you have enrolled and includes links to any Verified Certificates you may have earned. The dashboard also contains copies of your answers and other participation and performance in courses. Please contact The Company support to access and update this or other information. If your request involves information controlled by a Member, The Company learner support will notify the appropriate Member of your request.
The Company does not track or index every time or every place on The Company Site when or where a learner may volunteer Personal Information, so neither The Company nor Members will be able to help you locate or manage all such instances. The Company encourages you to use discretion before volunteering Personal Information on The Company Site.
Restrict or object to the processing of Personal Information
If you want to manage emails and other communications to you, you may update your preferences in your Company by contacting The Company support. You may object to, or request that The Company or a Member stop, its use of your Personal Information for other purposes by contacting The Company support team. If your request involves information controlled by a Member, The Company support will notify the appropriate Member of your request. Please note that if you choose to restrict The Company’s or a Member’s ability to process Personal Information, and the processing is otherwise required to provide you with various services and products offered on The Company Site, you may not be able to establish a Company user account or enroll for a course, and The Company or a Member may not be able to provide you with those services or products.
Delete account and Personal Information
To request deletion of your The Company account and Personal Information, you should contact our Support Team. Because deletion on The Company system is a permanent action and cannot be reversed, The Company may ask you to complete a process that aims to confirm your authority to manage The Company account affected by your request. We may not delete your account if local laws require such data to be kept for a number of years.
With respect to your Company account, The Company will permanently:
- deactivate your Company account,
- remove the active profile,
- retire your username, and
- remove you from The Company email lists.
With respect to your Personal Information, The Company will permanently delete your Company account profile Personal Information from The Company Site.
As noted above, to the extent that The Company associates the information that The Company collects directly or indirectly with an individual (for example, you), the association is based on Personal Information in your Company account profile. By erasing the Personal Information in your Company account profile, the remaining information about your activity on The Company Site will no longer be associated with you, except as noted below.
These changes will be applied to data stores that are used for operation of The Company Site including course administration by Members. If you enrolled in any courses on The Company Site, The Company support team will share your request with the Members that offered those courses.
Deletion will not apply to historical activity logs or archives unless and until these logs and data naturally “age-off” The Company system.
The Company does not track or index every time or every place on The Company Site when or where a learner may volunteer Personal Information, so neither The Company nor Members will be able to help you locate or manage all such instances. The Company encourages you to use discretion before voluntarily sharing your Personal Information on The Company Site.
The Company will archive course data (in a manner and to the extent permitted under applicable law) to serve its mission to enable scientific research on cognitive science and education. These archives are used to produce encrypted research data packages for Members, and Personal Information may not be deleted from research data packages retained by Members.
The Company and each applicable Member cannot always delete records of past interactions and transactions. For example, records relating to previous purchases on The Company Site must be retained for financial reporting, audit, and compliance reasons.
The Company and each Member will retain and use Personal Information as necessary to comply with its legal obligations, resolve disputes, enforce its agreements, and as otherwise permitted by applicable law.
The Company will retain your Personal Information for as long as your account is active or as needed to provide you with services; to maintain a record of your transactions for financial reporting, audit, and compliance purposes; and to comply with The Company’s legal obligations, resolve disputes, enforce its agreements, and as otherwise permitted by applicable law. If you enroll in a Member’s course, such Member will also retain your Personal Information for as long as needed to provide you with services; to maintain a record of your transactions for financial reporting, audit, and compliance purposes; and to comply with its legal obligations, resolve disputes, enforce its agreements, and as otherwise permitted by applicable law. Upon your request that The Company deactivate your account and delete your information, The Company will follow the process described above, including without limitation archiving your course data (in a manner and to the extent permitted under applicable law) to serve its mission to enable scientific research on cognitive science and education. These archives will be used to produce encrypted research data packages for Members, and each such Member may also keep and use course data for scientific research.
STORAGE & SECURITY
The Company stores information, including Personal Information, on its own servers and also on servers of companies that The Company hires to provide services. Each Member also stores information, including Personal Information, on its own servers and/or on servers of companies that the Member hires to provide services. In each case, information may be stored in different countries where The Company or a Member operates, and in countries where The Company and each Member’s respective service providers operate. If you are in the European Union, Switzerland, or other regions with laws governing data collection and use, you acknowledge that The Company and each Member may transfer, process and store your personal information in the United States and other countries, the privacy laws of which may be considered less strict than those of your region.
The Company controls its own copy of information collected through The Company Site and has an information security program designed to protect information in its possession or control. This is done through a variety of privacy and security policies, processes, and procedures. The Company uses administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the information that it collects, receives, stores, or transmits. Nonetheless, no method of transmission over the Internet, or method of electronic storage, is 100% secure; and therefore, The Company cannot guarantee its absolute security. While The Company works hard to ensure the integrity and security of its network and systems, The Company cannot guarantee that its security measures will prevent “hackers” or other unauthorized persons from illegally accessing or obtaining information.
If The Company learns of a security breach involving its copy of your Personal Information, The Company may attempt to notify you electronically so that you may take appropriate protective steps. By using The Company Site or providing Personal Information to The Company, you agree that The Company can communicate with you electronically regarding security, privacy, and administrative issues relating to your use of The Company Site. If a security systems breach occurs, The Company may post a notice on The Company homepage (www.smartage.group) or elsewhere on The Company Site and may send an email to you at the email address associated with your The Company’s account. Depending on where you are located, you may have a legal right to receive notice of a security breach, involving your Personal Information, in writing.
If a Member learns of a security breach involving that Member’s copy of your Personal Information, the Member may attempt to notify you electronically so that you may take appropriate protective steps. By enrolling in a Member’s course on The Company Site or providing Personal Information to the Member, you agree that the Member can communicate with you electronically regarding security, privacy, and administrative issues relating to your course enrollment and participation. If a security systems breach occurs, the affected Member may post a notice on The Company site and/or send an email to you at the email address associated with your enrollment in the Member’s course on The Company Site. Depending on where you are located, you may have a legal right to receive notice of a security breach, involving your Personal Information, in writing.
March 01, 2019
SMARTAGE GROUP SDN BHD MALAYSIAN PERSONAL DATA PROTECTION ACT OF 2010 (PDPA) NOTICE
The Personal Data Protection Act 2010 (the “Act”), which regulates the processing of personal data in commercial transactions, applies to SmartAge Group and all its subsidiary businesses. For the purpose of this Data Protection Notice, the words “we”, “us” or “our” shall refer to the companies within SmartAge Group. For the purpose of this written notice (“Privacy Notice”), the terms “personal data” and “processing” shall have the same meaning as prescribed in the Act. This Privacy Notice is to help you better understand the manner in which your personal data is managed and to give you the options available to you to access or limit the use of the information provided. However, we may amend this Data Protection Notice without giving prior written notice but such amendments will be notified via our website.
Table of Contents
- Source of Personal Data Collected
- Failure to provide Personal Data
- Purpose for the collection of Personal Data
- Cookies Use
- Disclosure of Personal Data
- Security Measures
- Amendments to this Notice
1. Source of Personal Data Collected
SmartAge Group may collect your Personal Data directly and/or indirectly from you in the following manner including, but not limited to: –
(a) registering and/or creating an account on SmartAge Group;
(b) subscribing to any products and/or services offered by SmartAge Group;
(c) browsing and/or accessing the SmartAge Group;
(d) subscribing to any newsletters or notices by SmartAge Group;
(e) contacting SmartAge Group for queries and assistance where telephone conversations and/or e-mail correspondences will be recorded; and
(g) your preferred choice of mode of payment, communication, products and/or services on SmartAge Group.
2. Failure to provide Personal Data
The provision of your Personal Data is voluntary however all Personal Data requested by us from you is obligatory and failure to provide such Personal Data will render the following:
(a) result in us being unable to provide you with the notices, products requested;
(b) result in us being unable to update you on the latest information or updates in relation to the SmartAge Group;
(c) result in us being unable to update you on our latest products, promotions on SmartAge Group; and
(d) result in us being unable to ascertain and/or verify your account registered on SmartAge Group.
3. Purpose for the collection of Personal Data
The Personal Data collected by SmartAge Group will be used by SmartAge Group for the following purposes but not limited to:
(a) to process your requested products and/or services on SmartAge Group;
(b) to administer and communicate with you in connection to our services and on SmartAge Group;
(c) to comply with legal and regulatory obligations in conduct of our business (if applicable);
(d) to contact you regarding products, services, promotions, advertising, marketing, commercial materials which may be of interest to you on SmartAge Group.
4. Cookies Use
4.1 To provide you with the best experience, cookies are small files of letters and numbers which are sent to your browser when you visit SmartAge Group. The purpose of collection of cookies from your browser is to track including but not limited to, your transactions, use of SmartAge Group.
4.2 You may disfigure such settings through your internet browsers. However, please note that this may limit your viewing for the products and/or services on the SmartAge Group. Additionally, you may not be able to gain access to all or parts of SmartAge Group.
5. Disclosure of Personal Data
5.1 Personal Data provided to us will generally be kept confidential and you hereby consent to us disclosing your Personal Data to other companies, service providers or individuals to perform functions on your behalf, and consequently may provide access or disclose your Personal Data to the third parties such as those listed below (this list not exhaustive):
(a) data entry service providers;
(b) storage facility providers;
(c) banks and financial institutions; and
(d) information technology (IT) service providers.
Third parties are legally tasked with processing your Personal Data in line with principles by SmartAge Group. Third Parties are also held legally responsible for securing your Personal Data at an appropriate level of security in relation to applicable data protection laws and widely accepted industry standards.
6. Security Measures
6.1 All Personal Data provided to us will be transferred, uploaded and stored onto our secured system. By providing your Personal Data to us, you shall have no objection that such Personal Data are stored in such a manner. All necessary steps will be taken to ensure your Personal Data are stored with us stringently and strictly in accordance to this Notice.
6.2 Your Personal Data will be destroyed when it is no longer necessary to us and/or to comply with any legal compliance.
While we strive to maintain the highest level of security of your Personal Data, transmitting your Personal Data via online and/or mobile applications may not be completely safe and it is beyond our control. Any transmission of Personal Data via online and/or mobile applications shall be at your own risk.
7. Amendments to this Notice
SmartAge Group is committed to comply with the Malaysian Personal Data Protection Act (PDPA) 2010.
To ensure that the business can offer an exceptional service to its stakeholders, it will, on occasion, share personal data for the purposes of best practice and business practice.SmartAge Group subscribes to the provisions of the Malaysian Personal Data Protection Act (PDPA) of 2010. Those who wish to decline the business’s use of their data can write to: firstname.lastname@example.org